Attachments not Delivered by MailScan!

2002-11-04 Thread postmaster 

The attachment(s) that you sent with the following mail
was deleted by MailScan (not delivered to the recipient)
==
The Mail came from: [EMAIL PROTECTED]
The Mail recipient: [EMAIL PROTECTED]
Subject of the Mail   : A  new website
Message-ID: [EMAIL PROTECTED]

The following attachments were deleted:
Attachment: CLASS.EXE
==

Use  MailScan on  your  EMail Servers  for maximum protection
from Internet-borne viruses.

Re: What email encryption is actually in use?

2002-11-04 Thread David Howe 
at Monday, November 04, 2002 2:28 AM, Tim May [EMAIL PROTECTED] was seen
to say:
 Those who need to know, know.
Which of course is a viable model, provided you are only using your key
for private email to those who need to know
if you are using it for signatures posted to a mailing list though, it
just looks silly.

 You, I've never seen before. Even if you found my key at the Liberal
 Institution of Technology, what would it mean?
it would at least give us a chance to check the integrity of your post
(what a sig is for after all) and anyone faking your key on the servers
would have to prevent you ever seeing one of your own posts (so that you
can't check the signature yourself)

 Parts of the PGP model are ideologically brain-dead. I attribute this
 to left-wing peacenik politics of some of the early folks.
The Web-of-Trust model is mildly broken - all you can really say about
it is that it is better than the alternatives (X509 is not only badly
broken, but badly broken for the purpose of hierachical control and/or
profit)
In the current case, one reason to sign important posts is to establish
a pattern of ownership for posts, independent of real-world identity. If
I know that posts a,b  c sent from nym x are all signed, I will be
reasonably confident that key y is owned by the normal poster of nym x.
that I don't know who that is in meatspace is pretty irrelevant.
Where both systems break down is when trying to assert that key y is
tied to anything but an email address (or possibly a static IP). There
is little to bind a key to anything or anyone in the real world, unless
you meet in person, know each other reasonably well (if only via third
parties that can identify you both) and exchange fingerprints. in fact,
WoT is simply an attempt to automate this process offline, so that you
can be introduced to someone by a third party without all three of you
having to meet; you still have to make a value judgement based on how
sure you are about the third party's reliability and how confident they
seem about the identity of x - however in the real world, both of those
are vague, hard-to-define values and in the WoT they are rigid (you have
a choice of two levels of trust for an introducer, and no way to encode
how much third parties should rely on your identification)

F.R.E.E. Star Wars poster bonus.

2002-11-04 Thread harry6 

	
		
			

	
		Star Wars Episode II Sticker Collection!
		
	

			
			

	
	

			
			

	This official Star Wars Attak of the Clones Collection 
		containes 1 box of 100 packs, with6 different sticker cards per pack. 
			A total of 600 sticker cards in all!
			
			Sticker Cards also features your favorite characters from Star Wars 
Episode4-5 and 6!
			
			
			Plus, 1 official 8 1/2" x 11 3/4" 
		full color Star Wars Episode II 40 
page binder designed to hold your Star Wars Attack 
			of the Clones Sticker cards!
			
			
			Special Bonus: 
	FREE Star Wars pullout poster (measuring a full 23" x 33")! Perfect 
for Display!
			
		
		
		
			Never released for sale to the U.S. buying public!
			A MUST for anyStar 
			Wars fan! 
		
		Click here
for more information! 
	

			
		
		
			

	
	You received this message because 
		you are on a preffered list, reference swee2234545. If you received this message in 
		error, and if you no longer wish to receive e-mails from us please click on the 
		following link. 
		Take me off your list!
			
			
			1-(866) 667-5399
			
			RAI
			PO BOX 72905
			
			Richmond, VA 23235-8022

EXTREMLY URGENT.

2002-11-04 Thread Frank Donald 
EXTREMLY URGENT.

on tel:234-803-3375426,

FROM MR Frank Donald

Dear Sir,

This letter was borne out of my sincere desire to
establish a business /transfer of money in your account.

My name is Mr. Frank Donald a friend of  Dr. Useni Dauda ( the former minister 
of work and finance (FMWF) under the ousted
civilian government) sadly this man died after a brief  illness on the 22nd  of 
June 2002 in Mexico her wife told me that his husband has an account that worth 
$25,500,000.00 ( Twenty Five Million, Five Hundred US Dollar) in the Security 
Company, As an evidence, she have handed over the credentials  of this account 
to me and as a tradition demand, after the  burial of his husband which will 
come up on the 1st of September 2003, his immediate brother will take care of 
his properties and his establishments not his wife. He have only one son and as 
a boy of Twenty Two years old, his mother and one of my collies  who is 
a Senior Police Commissioner have concluded arrangement to transfer this money 
to any foreign partner, who can not hurt peoples
feeling because of greed, Sir please this is this boy's last hope hence my aim 
of writing to you. 
Be 
reassure that this transaction is risk free and we are in this deal with TWO 
Commissioner of Finance whom with the position will cover the remittance to you 
with a drug/laundry free certificate from High Court of Affidavits if you are 
interested. We have agreed to offer you 30% of the total fund as your 
remuneration in this transaction and 10% has been set aside to carter for all 
expenses incurred in the process of
transferring this money into your account. Please, we have to do this as soon as 
possible to enable us transfer this money in your account before the burial of 
Dr. Useni Dauda so that this boy and her mother will not miss this money, please 
this is their last hope and what they are going to achieve from this man if this 
is done.Please, if you are interested in this transaction, please contact me 
immediately through this E-mail address.

NB. You must maintain absolute confidentiality to
ensure success in this transaction and immediately you
reply this email, I will now give you 
all the details about this account.

Best Regards,

Mr.Frank Donald.

on tel:234-803-3375426,





Go Where the Best Things in Life are FREE!   http://www.freeonline.com


-
Express yourself with a super cool email address from BigMailBox.com.
Hundreds of choices. It's free!
http://www.bigmailbox.com
-

Insight on the News Email Edition

2002-11-04 Thread Insight on the News 
INSIGHT NEWS ALERT!

New stories from Insight on the News are now online.

http://www.insightmag.com/

...

  Folks, tomorrow is election day. It’s impossible to talk about the 
merits of American democracy and freedom – expressed by people like you, who use 
their right to vote – without lapsing into some kind of cliché. So I won’t ask 
you to look at Cuba, Iraq, Iran, Saudi Arabia, North Korea, China, Syria – or 
every other unpleasant place to exist in the world. And I won’t ask you what the 
difference is between there and here. That would be trite. Just vote tomorrow! 
You already know why.

  And speaking of the election, we’ve got some dandy stories posted on 
the subject today. Scott Wheeler’s expose of how a bunch of Washington political 
types commandeered an Air Force transport without authorization got a lot of 
attention. http://www.insightmag.com/news/311012.html And Jennifer Hickey has 
answered a lot of fascinating questions about why Walter Mondale decided to 
become “undead” – just in time for Halloween. 
http://www.insightmag.com/news/312890.html These along with some sterling 
reporting on Saddam, Iran, al-Qaeda, and the rest. Just look below. That’s it 
for today. Until next time, I’m still in the Bunker, and I remain your newsman 
in Washington.

...

AL-QAEDA FINDS A FRIEND IN IRAN

Martin Arostegui reports that Iran continues to provide a western haven for al-
Qaeda terrorists fleeing Afghanistan, even as the U.S. military attempts to cut 
off southern escape routes to Pakistan

 http://www.insightmag.com/news/308366.html

...

CAN A WIMP DISARM SADDAM?

Peter Ahlmark writes that war and peace depends on Hans Blix, a man repeatedly 
duped by the Iraqi regime.

http://www.insightmag.com/news/312294.html



FOR THE RIGHT KIND OF ELECTION NIGHT COVERAGE

StopDemocrats.com 

Why watch Dan, Peter, or Tom tip a race on election night? Go to our website and 
get the kind of coverage you need. We’re tracking every race and story – and 
watching out for the good guys. Our Online Radio broadcast starts at 8:00 sharp 
on November 5. And you can visit and track the big stories any time. See you 
election night!

http://www.StopDemocrats.com



MAKING HAY OFF PAUL WELLSTONE

Jennifer Hickey writes that the Minnesota senator's passing was observed with 
unseemly bickering, not deserved respect.

http://www.insightmag.com/news/311045.html

...

MONDALE – BLASTING IN FROM THE PAST

Jennifer Hickey says the world has changed, but has Walter Mondale?

http://www.insightmag.com/news/312890.html

...

THE COLOR OF VOTES

Jennifer Hickey tells us that a new survey shows the black vote is more complex 
than typically portrayed.

http://www.insightmag.com/news/312669.html

..

WINNING THE ECONOMIC WAR ON TERROR

Michael Waller tells us that Ronald Reagan personally crafted a security-minded 
economic strategy that toppled the Soviet Union – a blueprint George W. Bush 
could use to defeat terrorists.

http://www.insightmag.com/news/307121.html



MORE KIND WORDS ABOUT ‘INSIGHT’ MAGAZINE

“THOROUGHLY ENJOY YOUR MAGAZINE. AFTER reading it for a while I decided to 
cancel my subscription to USNWR, which I had subscribed to for some 55 years.”

-- E.D.P., Mt. Pleasant, South Carolina

‘INSIGHT’ -- DISCOVER US FOR YOURSELF

https://www.collegepublisher.com/insightsub/subform1.cfm






You have received this newsletter because you have a user name and password at 
Insight on the News.
To unsubscribe from this newsletter, visit 
http://www.insightmag.com/main.cfm?include=unsubscribe;. You may also log into 
Insight on the News and edit your account preferences on the Web.

If you have forgotten or don't know your user name and password, it will be 
emailed to you after visiting the following link:
http://www.insightmag.com/main.cfm?include=emailPasswordserialNumber=16oai891z5email=cypherpunks;ssz.com

cypherpunks@minder.net

2002-11-04 Thread 
 Öйú·þÎñÈ«ÇòרҵµÄÓòÃû×¢²áÌṩÉÌ£¬ÏÖÍƳöÖ÷»ú¡¢ÓòÃû×¢²áÓŻݷþÎñ£º

   ¡°ÌØ»Ý1+1ÆóÒµÉÏÍøÌײ͡±ÊÇÖйú·þÎñÆ÷ÍøÂçÓÐÏÞ¹«Ë¾ÎªÄúÍƳöµÄ³¬Öµ·þÎñ£¬

   ¡°ÏÈ·þÎñ£¬ºóÊÕ·Ñ£¡¡±ÄÚÈÝ°üÀ¨£º

   30M asp cgi,php +ACCESS Êý¾Ý¿â,Ë͹ú¼Ê¶¥¼¶ÓòÃûÒ»¸ö 250Ôª/Äê (ËÍÎå¸öÓÊÏä)

   100M asp cgi,php +ACCESS Êý¾Ý¿â,Ë͹ú¼Ê¶¥¼¶ÓòÃûÒ»¸ö£¬Ö»Ðè 350Ôª/Äê(ËÍÁù¸öÓÊÏä)

   200N  asp cgi,php +ACCESS Êý¾Ý¿â,Ë͹ú¼Ê¶¥¼¶ÓòÃûÒ»¸ö,Ö»Ðè 600Ôª/Äê  

   ÌØ»Ý1+1ÉÏÍøÌײÍÊÇÆóÒµÉÏÍø£¬ÆóÒµÉÌÎñ»¯µÄÀíÏëÑ¡Ôñ£¬ÏÖÕý»ð±¬Ñ¡¹ºÖÐ

   ¿ìËÙ¶ÈÉêÇë(Çëµã»÷£©£º http://www.linemail.net/host/index.asp

   =
   °Ù¶È¾º¼Û¡¢ÐÂÀËÅÅÃû¡¢ËѺüÅÅÃû¡¢ÍøÒ×ÅÅÃûµÈ·þÎñ£¬Ê¹ÄúµÄÍøÕ¾ÖªÃû¶È´ó´óÌá

   ¸ß¡£ÏµÁг¬ÖµÔùËÍ·þÎñ£¬²»¿É²»¿´£¡
   
   ÂíÉÏÉêÇë: http://www.linemail.net/special/index.asp

   == 
   »¶Ó­·ÃÎÊÎÒ˾ÍøÕ¾½øÒ»²½Á˽⣺

   http://www.linemail.net

   ÁªÏµµç»°:0592-2180338   ´«Õæ:0592-2516932

cypherpunks@minder.net

2002-11-04 Thread 
 Öйú·þÎñÈ«ÇòרҵµÄÓòÃû×¢²áÌṩÉÌ£¬ÏÖÍƳöÖ÷»ú¡¢ÓòÃû×¢²áÓŻݷþÎñ£º

   ¡°ÌØ»Ý1+1ÆóÒµÉÏÍøÌײ͡±ÊÇÖйú·þÎñÆ÷ÍøÂçÓÐÏÞ¹«Ë¾ÎªÄúÍƳöµÄ³¬Öµ·þÎñ£¬

   ¡°ÏÈ·þÎñ£¬ºóÊÕ·Ñ£¡¡±ÄÚÈÝ°üÀ¨£º

   30M asp cgi,php +ACCESS Êý¾Ý¿â,Ë͹ú¼Ê¶¥¼¶ÓòÃûÒ»¸ö 250Ôª/Äê (ËÍÎå¸öÓÊÏä)

   100M asp cgi,php +ACCESS Êý¾Ý¿â,Ë͹ú¼Ê¶¥¼¶ÓòÃûÒ»¸ö£¬Ö»Ðè 350Ôª/Äê(ËÍÁù¸öÓÊÏä)

   200N  asp cgi,php +ACCESS Êý¾Ý¿â,Ë͹ú¼Ê¶¥¼¶ÓòÃûÒ»¸ö,Ö»Ðè 600Ôª/Äê  

   ÌØ»Ý1+1ÉÏÍøÌײÍÊÇÆóÒµÉÏÍø£¬ÆóÒµÉÌÎñ»¯µÄÀíÏëÑ¡Ôñ£¬ÏÖÕý»ð±¬Ñ¡¹ºÖÐ

   ¿ìËÙ¶ÈÉêÇë(Çëµã»÷£©£º http://www.linemail.net/host/index.asp

   =
   °Ù¶È¾º¼Û¡¢ÐÂÀËÅÅÃû¡¢ËѺüÅÅÃû¡¢ÍøÒ×ÅÅÃûµÈ·þÎñ£¬Ê¹ÄúµÄÍøÕ¾ÖªÃû¶È´ó´óÌá

   ¸ß¡£ÏµÁг¬ÖµÔùËÍ·þÎñ£¬²»¿É²»¿´£¡
   
   ÂíÉÏÉêÇë: http://www.linemail.net/special/index.asp

   == 
   »¶Ó­·ÃÎÊÎÒ˾ÍøÕ¾½øÒ»²½Á˽⣺

   http://www.linemail.net

   ÁªÏµµç»°:0592-2180338   ´«Õæ:0592-2516932

Up to $200 free money

2002-11-04 Thread chief1452 
Title: GaminglandCasino.com
















  See 
why Gamingland Casino is the most incredible online casino.Whatever you level, 
whatever your game, we've got all the casino excitement you're looking 
for in the comfort of your home!




  
  Get Up To $200 FREE! 





  Tha'ts 
right, we'll match your 1st purchase 100% up to $200! 
And no waiting...your Free Bonus is credited to your account instantly! 









  Buy 
$50 Get $50 FREE! 

  Buy 
$100 Get $100 FREE! 

  Buy 
$200 Get $200 FREE! 

  
Play our Free NO DOWNLOAD quality games with superb graphics  sounds.
  

  







Security  Support


Gamingland Casino 
  is fully licensed by the Directorate of Offshore Gaming.
We 
  provide friendly Customer Support via phone, email 
   fax. 










GaminglandCasino.com







You  have  received  this  Newsletter because you, or someone else, is
registered  to  this Email Address with gambling related sites. If you
no longer wish to be included in our Email Updates, please click here








9701-18652-1820

NEW STOCK PICK: NVHG - PRCT UP 300%............................................................................................................................................................................ awtb

2002-11-04 Thread WALL STREET BULLETIN..46163 



Did you miss out on PRCT, UP 300%?
Here's another pick - Another Short Play
CLICK HERE



I no longer wish to receive your newsletter click here



ajhqwuqvakwfgkqippclsfclpypixhjeflnry

RE: What email encryption is actually in use?

2002-11-04 Thread Tyler Durden 
Peter Trei wrote...

Durden's question was whether a snooper on an IPSEC VPN can
tell (for example) an encrypted email packet from an encrypted
HTTP request.

The answer is no.

All Eve can tell is the FW1 sent FW2 a packet of a certain size.
The protocol of the encapsulated IP packet, it's true source
behind FW1, it's true destination behind FW2, and the true
destination port are all hidden.

Yes, this was indeed the gist of my question. I was aware that there are 
actually hard and soft switches that are aware all the way up to the 
application layer, apparently (I also know that some softswiches have 
actually been deployed in RBOC/Baby Bell territory.)

But from your previous email, you indicated that the secure IPSEC tunnel is 
created by taking the packets, encrypting S/A, D/A, payload and protocol 
fields (ie, pretty much everything) and then dumping them into the payload 
of another packet, and setting the Protocol field of the parent-packet to 
IPSEC. All that is now visible are the firewall addresses.

That's a lot, methinks! In other words, there's practically a bright red 
flag sticking up saying I'm encrypted! Look over here!...it's child's play 
(well, if you consider making an ASIC child's play!) to then look at the S/A 
and D/a to see if they are interesting. If they belong to the IP spaces of 
two large companies, for instance, then look elsewhere (though I hear rumors 
that the NSAs of the world are branching out into industrial eavesdropping 
for their parent companies, ehr, for their parent countries).

If a secure VPN tunnel forms between al-Jazeera's firewall and, say, some 
ISP near Atlantic Avenue in Brooklyn (heavy Arab community), then all sorts 
of spyglasses could pop up.


Thus, I suspect a lot can be gleaned (and is) from communiques without 
actually de-encrypting...the philosohpy probably is, why violate civil 
rights unless we really, really have to? Extract as much as we can without 
actually de-encrypting, and if the probably of something being interesting 
is high enough, then we'll send it downstairs to be opened (and even then, 
determining how hard it is to open the communique might also be of 
interest...is it legal to open somebody else's email but not read it?)


Here's a little quote for ya, since it seems to be the in-thing to do...

The revolution is right where we want it: out of our control.
(Royal Family and the Poor)



From: Trei, Peter [EMAIL PROTECTED]
To: [EMAIL PROTECTED], 'Major Variola (ret)' [EMAIL PROTECTED]
Subject: RE: What email encryption is actually in use?
Date: Mon, 4 Nov 2002 12:58:55 -0500

 Major Variola (ret)[SMTP:[EMAIL PROTECTED]]


 At 10:13 AM 11/4/02 -0500, Tyler Durden wrote:
 This is an interesting issue...how much information can be gleaned from

 encrypted payloads?

 Traffic analysis (who, how frequently, temporal patterns)
 Size of payload

 Is it possible for a switch or whatever that has
 visibility up to layers 4/5/6 to determine (at least) what type of file
 is
 being sent?

 Yes.

 Modern network equiptment can examine all the way up to layer 7.
 Can tell that you're sending an .mp3 and will cut your QoS, if that's
 the policy.

Durden's question was whether a snooper on an IPSEC VPN can
tell (for example) an encrypted email packet from an encrypted
HTTP request.

The answer is no.

All Eve can tell is the FW1 sent FW2 a packet of a certain size.
The protocol of the encapsulated IP packet, it's true source
behind FW1, it's true destination behind FW2, and the true
destination port are all hidden.

Peter



_
Unlimited Internet access -- and 2 months free!  Try MSN. 
http://resourcecenter.msn.com/access/plans/2monthsfree.asp

ÓÃemail×ö¹ã¸æ,ÎÒÓÐÈ«¹úemailµØÖ·¿âÊýǧÍò,»¶Ó­¶©¹º,¸½ËÍÓʼþ¼«ËÙȺ·¢Èí¼þ(ÂÌÉ«Èí¼þ²»Ðë°²×°,²»ÐësmtpÉèÖÃ),½¨ÍøÕ¾880Ԫȫ°üÆð.

2002-11-04 Thread ÄãºÃ 





¸óÏÂ:Èç¹ûÄúÐèҪͨ¹ýemail×ö¹ã¸æ,ÎÒ¿ÉÒÔΪÄãÌṩemailµØÖ·¿â,¼Û¸ñ:500ÍòÓÊÖ·650Ôª,¸½ËÍÃÀ¶ûÍøÂçÓʼþ¼«ËÙȺ·¢Íõ(ÂÌÉ«Èí¼þ²»Ðë°²×°,²»ÐësmtpÉèÖÃ)¡£µ±Ìì½»»õ,»¶Ó­¶©¹º,µç»°:0755-82483730,ÁªÏµÈË:ÑîÉú,ÍøÖ·:www.99aa.com

½¨ÍøÕ¾880Ԫȫ°üÆð(Ò»¸ö¹ú¼ÊÓòÃû,100MÍøÕ¾¿Õ¼ä,4Ò³ÍøÒ³),ÏêÇéÇë·ÃÎÊ:www.99aa.com

Èç¹û¸óϲ»ÐèÕâЩ·þÎñ,ÄÇÎÒÒ»¶¨ÊÇ´òÈÅÄúÁË,ÇëÔ­Á²¢É¾³ýÖ®,лл£¡

RE: What email encryption is actually in use?

2002-11-04 Thread Trei, Peter 
 Tyler Durden[SMTP:[EMAIL PROTECTED]] wrote
 
 
 But from your previous email, you indicated that the secure IPSEC tunnel
 is 
 created by taking the packets, encrypting S/A, D/A, payload and protocol 
 fields (ie, pretty much everything) and then dumping them into the payload
 
 of another packet, and setting the Protocol field of the parent-packet to 
 IPSEC. All that is now visible are the firewall addresses.
 
 That's a lot, methinks! In other words, there's practically a bright red 
 flag sticking up saying I'm encrypted! Look over here!...it's child's
 play 
 (well, if you consider making an ASIC child's play!) to then look at the
 S/A 
 and D/a to see if they are interesting. If they belong to the IP spaces of
 
 two large companies, for instance, then look elsewhere (though I hear
 rumors 
 that the NSAs of the world are branching out into industrial eavesdropping
 
 for their parent companies, ehr, for their parent countries).
 
 If a secure VPN tunnel forms between al-Jazeera's firewall and, say, some 
 ISP near Atlantic Avenue in Brooklyn (heavy Arab community), then all
 sorts 
 of spyglasses could pop up.
 
The title of this thread is What email encryption is actually in use?. I
posted
that a lot intra-company email often goes over encrypted VPNs between
worksites, and that this should be considered in trying to figure out how
much
email is encrypted.

After some back and forth to educate you on how IPSEC tunneling works, you
now understand, but it turns out that that was not what you were interested
in.

VPNs no more raise a red flag than does any other form of encrypted 
communication without steganography.  If your threat model includes 
end-point identification, then use alt.anonymous.messages. If traffic
analysis is also a worry, use stego.

VPNs are probably responsible for more encrypted traffic than
anything else on the net, and meet corporate threat models
very well. If your threat model is different, you may need a different
solution.

Peter Trei

CARDIS '02 - 5th Smart Card Research and Advanced Application Conference

2002-11-04 Thread Alex Walker 
Dear colleague -

I'd like to invite you to attend the 5th Smart Card Research and
Advanced Application Conference, November 21-22 in San Jose, CA.
http://www.usenix.org/events/cardis02/

CARDIS '02, the joint IFIP/USENIX International Conference on Smart
Card Research and Advanced Applications, will bring together
researchers and practitioners in the development and deployment of
smart card systems and technologies.

This two-day conference features:

Keynote speaker Vincent Cordonnier, LIFL; 14 refereed papers; panel
discussions; Work-In-Progress reports as well as ample opportunities
to informally interact with fellow attendees and speakers.

Unlike events devoted to commercial and application aspects of smart
cards, the CARDIS conferences bring together researchers who are
active in all aspects of the design, validation, and application of
smart cards.

The breadth of smart card research stimulates a synergy among
disparate research communities, making CARDIS an ideal opportunity to
explore and learn from the latest research advances.

We hope you will join us in San Jose.

On behalf of the program committee -

Peter Honeyman, CITI, University of Michigan
CARDIS '02 Program Chair


--
Alex Walker
Production Editor
USENIX Association
2560 Ninth Street, Suite 215
Berkeley, CA 94710
510/528-8649 x33

RE: Sending bricks through the mail

2002-11-04 Thread Lisa 
I think this is what you're looking for:

http://www.improb.com/airchives/paperair/volume6/v6i4/postal-6-4.html

At 11:17 PM 11/3/02 +0100, Thoenen, Peter  Mr.  EPS wrote:
Tried emailing direct but bounced so apologize to the list for the OT 
content :)

You don't happen to have the url do you?  Think it would make an
amusing
read.

Re: What email encryption is actually in use?

2002-11-04 Thread telecon 
On Sun, Nov 03, 2002 at 11:23:36AM -0800, Tim May wrote:
 - -- treat text as text, to be sent via whichever mail program one uses, 
 or whichever chatroom software (not that encrypted chat rooms are 
 likely...but who knows?), or whichever news reader software

http://www.invisible.net is sort of an encrypted chatroom.
-- 
Windows, Icons, Mice and Pointers.  A jedi craves not these things.

traffic analysis of VPN/secure tunnels (Re: What email encryption is actually in use?)

2002-11-04 Thread Adam Back 
On Mon, Nov 04, 2002 at 12:58:55PM -0500, Trei, Peter wrote:
 Durden's question was whether a snooper on an IPSEC VPN can
 tell (for example) an encrypted email packet from an encrypted
 HTTP request. 
 
 The answer is no.
 
 All Eve can tell is the FW1 sent FW2 a packet of a certain size.
 The protocol of the encapsulated IP packet, it's true source 
 behind FW1, it's true destination behind FW2, and the true
 destination port are all hidden.

An external obseverer being able to tell the time of exchange or
percentage of traffic which is email vs http through a VPN probably
isn't a big deal to most people.

But if someone did care, it may be that you could have some
probabilistic indication of whether the traffic is email or http (or
other distinctions) based on the size of the packets, the timing that
kind of thing.  As there are different internal originating-points
(mail hub, vs desktop/desktop+proxy cache), probably aspects of the
hardware, TCP stack and application performance and behavior would
leave some still recognizable performance and IP packet size
signature.

A more direct traffic-analysis type of risk is interactive session
protocols like telnet, perhaps some chat programs where the characters
are sent as they are typed.  In this scenario it may be that an
attacker could reconstruct the plaintext by analysing typing
characteristics.  (There was a paper about this risk for interactive
sessions over SSH published a while back -- don't have the reference
handy, probably google could find it).

Another related type of risk is that SSL does not necessarily obsecure
the page requested as the request and/or response may have unique,
predictable and publicly measurable size uniquely identifying the
document requested.

Adam
--
http://www.cypherspace.org/adam/

NYT: commercial quantum-key-distrib soon

2002-11-04 Thread Major Variola (ret) 
A New Cryptography Uses the Quirks of Photon Streams

By JOHN MARKOFF

he quirky world of quantum physics, where mathematical elements can
hold multiple values and objects can be in several places at once,
is heading toward commercial products.

A start-up company, MagiQ Technologies, plans to announce today a
cryptogaphy  or code  system that uses a technology called quantum key
distribution to thwart eavesdropping on a fiber optic communication
channel. The company, based in New York, says it has a working model of
its system and will have a commercial version available in the second
half of next year.
snip
http://www.nytimes.com/2002/11/04/technology/04QUAN.html

RE: What email encryption is actually in use?

2002-11-04 Thread Trei, Peter 
 Tim May[SMTP:[EMAIL PROTECTED]]
 
 
 On Saturday, November 2, 2002, at 08:01  PM, Tyler Durden wrote:
 
  Prior to that, the encrypted email I've sent in the past year or so 
  has almost always failed, because of version incompatibilities,
 
  While in Telecom I was auditing optical transport gear, and we adopted 
  the practice of encrypting all of our audit reports to vendors. Of 
  course, the chance of there being an eavesdropper (uh...other than 
  NSA, that is) was a plank energy above zero, but it gave the vendors 
  the imporession we really cared a lot about their intellectual 
  property (if we determined a problem with their equipment, and if that 
  info ever leaked, it could have a major impact on them).
 
 When I was at Intel we sent our designs for microprocessors to European 
 branches and/or partners. One set of designs sent to MATRA/Harris, a 
 partner in the 80C86, was stolen in transit. (The box of tapes arrived 
 in Paris, but the tapes had been replaced by the suitable weight of 
 bricks.)
 
I suspect that there is a fair amount of encrypted mail flowing over the
net which is not obvious to ISPs. It's internal mail of large corporations.

Many corps maintain VPNs between their offices, with encryption
handled at the firewall. A great deal of highly sensitive internal
email flows over these links, with the encryption totally transparent
to the end-users. 

Of course, this is just internal stuff. The external mail is as open
as everyone's been saying.

Peter Trei

RE: Flight security analysis (was Re: Confiscation of Anti-War Vi deo)

2002-11-04 Thread Trei, Peter 
 --
 From: Major Variola (ret)[SMTP:[EMAIL PROTECTED]]
 Sent: Friday, November 01, 2002 6:02 PM
 To:   [EMAIL PROTECTED]
 Subject:  Re:  Flight security analysis (was Re: Confiscation of
 Anti-War Video)
 
 At 05:16 PM 11/1/02 -0500, Steve Furlong wrote:
 But Maj Variola made a questionable point, too:
 
  At 30K feet, you have about half a minute before you pass out
 
 I just tested that, sort of. I emptied my lungs, then lifted weights
 for
 30 seconds. It was a little painful toward the end, but I didn't grey
 out or anything.
 
 I was unable to find my ref.  But I also know that muscles
 can work anaerobically; also that asphyxiation-feeling is from
 too much CO2, not a lack of O2.  Also, you can't really
 empty your lungs.
 
 I once saw a show about medicine.  In it, an M.D. rebreathed
 his own CO2-scrubbed air as he wrote the alphabet, on camera.
 Halfway through he started scribbling incoherently and fell over,
 unawares.
 (There were assistants to save him.)
 
 FWIW
 
I did this something similar once myself, in high school biology
(this was in Britain, so there were no bullshit concerns over
liability). Two students, one rebreathing scrubbed air, the other
(me) unscrubbed (ie, I was rebreathing my own CO2). 

I kept going about 2 minutes before I started to black out. Analysis
of the air showed that it still had substantial oxygen content, but the
CO2 level had tripled.

My partner, who rebreathed CO2 scrubbed air, kept going for
7 or 8 minutes before stopping, and had used a much higher 
fraction of the O2.

It turns out that CO2 has substantially higher affinity for haemoglobin
than does O2, so the CO2 was suffocating me even in the presence
of ample oxygen. Carbon monoxide has an even higher affinity, which
is why it's so poisonous.

Peter Trei

RE: Katy, bar the door

2002-11-04 Thread Trei, Peter 
 Major Variola (ret)[SMTP:[EMAIL PROTECTED]]
 
 When that trucker kamakazi'd into the state capital in Sacramento last
 year, they decided to put Jersey barriers
 up.  Hard to do that in the air (Blimps with nets?)
 
The name for these is 'barrage balloons'. They were
widely deployed during WW2 against dive bombers
and ground-attack fighters.

I suspect they are less useful today for this purpose,
due to the increased distances of attack, but they
might make life harder for cruise missiles and other 
UAVs.

Plan to see them over Baghdad.

Peter Trei

DISCOUT GAS

2002-11-04 Thread POLISHUKENTERPRISES 
GasUpUSA:
http://www.polishukenterprises.gasupusa.com/



CHECK OUT THIS OFFER!

RE: What email encryption is actually in use?

2002-11-04 Thread Tyler Durden 
The ever-though-provoking Peter Trei wrote...

A great deal of highly sensitive internal
email flows over these links, with the encryption totally transparent
to the end-users.

This is an interesting issue...how much information can be gleaned from 
encrypted payloads? Is it possible for a switch or whatever that has 
visibility up to layers 4/5/6 to determine (at least) what type of file is 
being sent? Can it determine at what layer encryption was performed? (These 
may be obvious to many of you, but I can only claim expertise in layers 0/1, 
and pieces of 2. Ok, I have a working knowledge of 3.) It may be possible 
for hardware that examines large numbers of communiques to pre-determine 
that much is of no interest.









From: Trei, Peter [EMAIL PROTECTED]
To: [EMAIL PROTECTED], 'Tim May' [EMAIL PROTECTED]
Subject: RE: What email encryption is actually in use?
Date: Mon, 4 Nov 2002 09:37:59 -0500

 Tim May[SMTP:[EMAIL PROTECTED]]


 On Saturday, November 2, 2002, at 08:01  PM, Tyler Durden wrote:

  Prior to that, the encrypted email I've sent in the past year or so
  has almost always failed, because of version incompatibilities,
 
  While in Telecom I was auditing optical transport gear, and we adopted
  the practice of encrypting all of our audit reports to vendors. Of
  course, the chance of there being an eavesdropper (uh...other than
  NSA, that is) was a plank energy above zero, but it gave the vendors
  the imporession we really cared a lot about their intellectual
  property (if we determined a problem with their equipment, and if that
  info ever leaked, it could have a major impact on them).

 When I was at Intel we sent our designs for microprocessors to European
 branches and/or partners. One set of designs sent to MATRA/Harris, a
 partner in the 80C86, was stolen in transit. (The box of tapes arrived
 in Paris, but the tapes had been replaced by the suitable weight of
 bricks.)

I suspect that there is a fair amount of encrypted mail flowing over the
net which is not obvious to ISPs. It's internal mail of large corporations.

Many corps maintain VPNs between their offices, with encryption
handled at the firewall. A great deal of highly sensitive internal
email flows over these links, with the encryption totally transparent
to the end-users.

Of course, this is just internal stuff. The external mail is as open
as everyone's been saying.

Peter Trei



_
Choose an Internet access plan right for you -- try MSN! 
http://resourcecenter.msn.com/access/plans/default.asp

Brinspoon for the UKSTASI.

2002-11-04 Thread Matthew X 
Mayday 2002The Metropolitan Police are seeking your help to identify and 
trace the suspects pictured here.

During the past three years, major anti-capitalist demonstrations have 
taken place in Central London on May Day.

A determined minority in these protests have set out to cause major 
disruption and commit criminal offences including violent disorder and 
substantial criminal damage.

Members of the public and police officers have also been injured in these 
disturbances.

Despite extensive inquiries, which have resulted in a number of successful 
prosecutions, the Metropolitan Police has still to identify and trace a 
number of individuals believed to be involved in committing these offences 
and is seeking your help to do so.

Anyone with information about the identity or whereabouts of any of the 
people pictured here is asked to call the Public Order Team on 020 7239 
7329 or Crimestoppers on 0800 555111.

http://www.met.police.uk/appeals/mayday/mayday2002.htm

Would the CoDC please reconsider their policy on DoS?

[±¤°í] ¾Æ·¡ ¼±¹°À» 100% µå¸³´Ï´Ù..½ÅûÇϼ¼¿ä...!!!

2002-11-04 Thread °æÇ°¾È³» 
Title: Untitled Document

































¿øÇϽô °æÇ°À»
¼±ÅÃÇϽÅÈÄ µå¸²·ÐÆнº ½ÅûÇϱ⸦ ´©¸£¼¼¿ä.
»ó±â °æÇ°Àº Á¶±â Ç°Àý µÉ ¼ö ÀÖÀ¸¸ç, ¹è¼ÛÀÌ ´Ù¼Ò Áö¿¬ µÉ ¼ö ÀÖ´Â °æÇ°ÀÌ ÀÖ½À´Ï´Ù.
°æÇ°Àº Ä«µå¿Í´Â º°µµ·Î ¹ß¼ÛÇÕ´Ï´Ù.°æÇ°°ú °ü·ÃµÈ ¸ðµç ¹®ÀÇ´Â ¹®ÀÇÀüÈ­ : 02-3275-1230 / ¹®ÀÇ ¸ÞÀÏ : [EMAIL PROTECTED]












 Copyright ¨Ï 2002 HYUNDAI CAPITAL SERVICES, Inc. All rights reserved.

RE: Intel's LaGrab

2002-11-04 Thread Mike Rosing 
On Sun, 3 Nov 2002, Lucky Green wrote:

 Tim wrote:
  Microsoft calls its technology Palladium. Intel dubs it
  LaGrande. 
 
  I say we call it LaGrab.

 Has anybody on the list seen any official specs, datasheets, etc. for
 Intel's LaGrande feature set? Any documents that could be donated to
 Cryptome's collection? So far, all I have been able to locate are vague
 press releases, marketing blather, and wild-eyed promises of
 hack-proofing computers.

I didn't think any of it was near finalized yet.  Even the comments here
from people working close to it indicate it isn't finished.

I suggest LaGrande Screw.  Once in place, it will be pretty easy for
Microsoft to screw everyone who owns a Paladium machine!

Patience, persistence, truth,
Dr. mike

Re: What email encryption is actually in use?

2002-11-04 Thread David Howe 
at Monday, November 04, 2002 3:13 PM, Tyler Durden
 This is an interesting issue...how much information can be gleaned
 from encrypted payloads?

Usually, the VPN is an encrypted tunnel from a specified IP (individual
pc or lan) to another specified IP (the outer marker of the lan, usually
the firewall/vpn combo box but of course that function can be split if
needs be)

sniffers can usually catch at least some of the initial login - normally
a host name or user name is passed unencrypted as part of the setup -
but any actual mail traffic will be indistinguishable from any other
traffic; it is encapsulation of IP packets in an outer encrypted
wrapper.
similar statements can usually be made for Zeb, SSH and other similar
tunnels - each encapsulates a low level (almost raw in the case of
strict tunnels like zeb or ssh) packet passing tunnel in a crypto skin.

Blacknet hits the trade press

2002-11-04 Thread Major Variola (ret) 
EWeek 21 Oct 2002 p 58, High-tech products invite tech crimes P.
Coffee

Writing about a consultant who tried to sell a client's software, and
got busted:
Next time, a code theif may use a BlackNet brokerage (as envisioned
in the
widely circulated essay by Timothy May) to avoid such traps.

[He is commenting on whereas stolen chips are valuable to many, stolen
software
is valuable only to a few...]

RE: What email encryption is actually in use?

2002-11-04 Thread Trei, Peter 
 --
 From: Tyler Durden[SMTP:[EMAIL PROTECTED]]
 Sent: Monday, November 04, 2002 10:13 AM
 To:   [EMAIL PROTECTED]
 Subject:  RE: What email encryption is actually in use?
 
 The ever-though-provoking Peter Trei wrote...
 
 A great deal of highly sensitive internal
 email flows over these links, with the encryption totally transparent
 to the end-users.
 
 This is an interesting issue...how much information can be gleaned from 
 encrypted payloads? Is it possible for a switch or whatever that has 
 visibility up to layers 4/5/6 to determine (at least) what type of file is
 
 being sent? Can it determine at what layer encryption was performed?
 (These 
 may be obvious to many of you, but I can only claim expertise in layers
 0/1, 
 and pieces of 2. Ok, I have a working knowledge of 3.) It may be possible 
 for hardware that examines large numbers of communiques to pre-determine 
 that much is of no interest.
 
 
Most the ones I've seen are IPSEC over IPv4. You might be able to glean
some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted.

RE: What email encryption is actually in use?

2002-11-04 Thread Trei, Peter 
 Tyler Durden[SMTP:[EMAIL PROTECTED]] writes:
 
 
 Most the ones I've seen are IPSEC over IPv4. You might be able to glean
 some info from packet size, timing, and ordering, but not much. IPSEC
 takes a plaintext IP packet and treats the whole thing as a data block
 to be encrypted.
 
 SO this would indicate that IPSEC creates a sort of blockage from seeing
 up 
 to Layers 4/5/6. Now when you say it takes the IP packet, is this just the
 
 datagram or is it also he procotol bytes? (I'm assuming the layer-2 
 information remains intact.) If the protocol bytes are unencrypted, then 
 there's a LOT that can probably be determined about any IP session. If the
 
 protocol bytes are encrypted, then this will ot be a very flexible
 session, 
 no? (More of a secure pipe I guess.)
 
 And then, does IPSEC include specification for MPLS? I would assume that
 the 
 MPLS header information is not encrypted, simply because the headers have
 no 
 global significance...
 
It's a pipe. The whole plaintext IP packet, from start to finish, including 
headers and checksum, gets treated as data, and encrypted.

The encrypted packet is the data for a new packet, which goes from one
firewall to another (and has only the firewall IP addresses exposed). The
packets visible on the outside only tell Eve that firewall A sent firewall
B an IPSEC packet of a certain size, with a particular Security Association.

(ie, the protocol field says 'this is an IPSEC packet').

A single SA can be used for many, many, internal connections.

Check the IPSEC RFCs for more info.

Peter Trei

RE: What email encryption is actually in use?

2002-11-04 Thread Tyler Durden 
Most the ones I've seen are IPSEC over IPv4. You might be able to glean
some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted.

SO this would indicate that IPSEC creates a sort of blockage from seeing up 
to Layers 4/5/6. Now when you say it takes the IP packet, is this just the 
datagram or is it also he procotol bytes? (I'm assuming the layer-2 
information remains intact.) If the protocol bytes are unencrypted, then 
there's a LOT that can probably be determined about any IP session. If the 
protocol bytes are encrypted, then this will ot be a very flexible session, 
no? (More of a secure pipe I guess.)

And then, does IPSEC include specification for MPLS? I would assume that the 
MPLS header information is not encrypted, simply because the headers have no 
global significance...






From: Trei, Peter [EMAIL PROTECTED]
To: [EMAIL PROTECTED], 'Tyler Durden' [EMAIL PROTECTED]
Subject: RE: What email encryption is actually in use?
Date: Mon, 4 Nov 2002 11:00:56 -0500



 --
 From: 	Tyler Durden[SMTP:[EMAIL PROTECTED]]
 Sent: 	Monday, November 04, 2002 10:13 AM
 To: 	[EMAIL PROTECTED]
 Subject: 	RE: What email encryption is actually in use?

 The ever-though-provoking Peter Trei wrote...

 A great deal of highly sensitive internal
 email flows over these links, with the encryption totally transparent
 to the end-users.

 This is an interesting issue...how much information can be gleaned from
 encrypted payloads? Is it possible for a switch or whatever that has
 visibility up to layers 4/5/6 to determine (at least) what type of file 
is

 being sent? Can it determine at what layer encryption was performed?
 (These
 may be obvious to many of you, but I can only claim expertise in layers
 0/1,
 and pieces of 2. Ok, I have a working knowledge of 3.) It may be 
possible
 for hardware that examines large numbers of communiques to pre-determine
 that much is of no interest.


Most the ones I've seen are IPSEC over IPv4. You might be able to glean
some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted.


_
Surf the Web without missing calls! Get MSN Broadband.  
http://resourcecenter.msn.com/access/plans/freeactivation.asp

RE: What email encryption is actually in use?

2002-11-04 Thread Major Variola (ret) 
At 10:13 AM 11/4/02 -0500, Tyler Durden wrote:
This is an interesting issue...how much information can be gleaned from

encrypted payloads?

Traffic analysis (who, how frequently, temporal patterns)
Size of payload

Is it possible for a switch or whatever that has
visibility up to layers 4/5/6 to determine (at least) what type of file
is
being sent?

Yes.

Modern network equiptment can examine all the way up to layer 7.
Can tell that you're sending an .mp3 and will cut your QoS, if that's
the policy.


 Can it determine at what layer encryption was performed?

Various packet classification hardware companies [1]
 make chips to find fields in headers.
(The classification chips pass this info to the NPU)
IPsec, SSL are trivial.  App-level crypto is
easy if the crypto has signatures, like -BEGIN PGP MESSAGE-.


Steganography + encryption, however, is pretty tough.  The S/N
ratio can become useless due to false alarms.  The Feds probably
have an enormous collection of intercepted arab baby pictures...

[1] Here's a blurb from http://solidum.com/products/index.cfm
Based on programmable state machine technology and a powerful,
openly-distributed
pattern description language, our scalable, forward-compatible, and
field-upgradable
 classification processors can be configured to closely inspect packets
for vital
 information up to and including Layer 7. The information collected can
then be used to
 make intelligent routing and switching decisions for service,
application, and QoS
 requirements. This improves the speed, power and efficiency of next
generation
 network processing architectures, facilitates the delivery of
content-based services
 and enables true QoS for differentiated services.

---
CALEA: What did you think layer 7 awareness meant?

RE: What email encryption is actually in use?

2002-11-04 Thread Trei, Peter 
 Major Variola (ret)[SMTP:[EMAIL PROTECTED]]
 
 
 At 10:13 AM 11/4/02 -0500, Tyler Durden wrote:
 This is an interesting issue...how much information can be gleaned from
 
 encrypted payloads?
 
 Traffic analysis (who, how frequently, temporal patterns)
 Size of payload
 
 Is it possible for a switch or whatever that has
 visibility up to layers 4/5/6 to determine (at least) what type of file
 is
 being sent?
 
 Yes.
 
 Modern network equiptment can examine all the way up to layer 7.
 Can tell that you're sending an .mp3 and will cut your QoS, if that's
 the policy.
 
Durden's question was whether a snooper on an IPSEC VPN can
tell (for example) an encrypted email packet from an encrypted
HTTP request. 

The answer is no.

All Eve can tell is the FW1 sent FW2 a packet of a certain size.
The protocol of the encapsulated IP packet, it's true source 
behind FW1, it's true destination behind FW2, and the true
destination port are all hidden.

Peter

Cute Girls With Animals!

2002-11-04 Thread WowieTeenies 



Wowie! Can You Believe These Outrageous Girls?!?

TEENS ON THE BARNYARD... THEY ARE SO FRIGGIN HORNY!


	
		
		
			
		
		
	










This email was sent to you because your email address is part of a targeted opt-in list. You have received this email by either requesting more information on one of our sites or someone may have used your email address.

If you received this email in error, please accept our apologies. If you do not wish to receive further offers, please click below to remove your email from future offers. Please allow 24 hours for complete removal from our system.
Please Remove Me

ADULT ADV: Get the Scoop on ALL of your Favorite Celebrities

2002-11-04 Thread Danielle 
Title: Xxxtasy Mail














	

	

	

	

	

	

	

	

	

	

	

	

	

	

	

	

	

		

		

		

		

		

		

			

			

			

			

			ManWoman

			

			WomanMan

			

			

			

		

		

		

		

		

	

	

	

	

	

	

	



































This message is being sent to you because you are a member of Xxxtasy Mail. 



To change your subscription please visit: THIS LINK 



 Copyright Protected - All Rights Reserved 

Copyrights on exclusive images, video and text within this site strictly enforced.

All Models were 18 years old or older when photos were taken.

cypherpunks@minder.net

2002-11-04 Thread owner-cypherpunks 
Title: Öйú½ÌÓýÍø »¶Ó­ÄúµÄºÏ×÷£¡ 





   
 
  
   
 
  
 
   
Èç¹ûÄú²»Ï£ÍûÊÕµ½ÎÒÃǵÄÓʼþ£¬
ÇëËæÊÖɾµô,лл£¡





¼ªÁÖÌزú¸ßµÈר¿ÆѧУ2003ÄêÕÐÉú¼Æ»®
Öйú½ÌÓýÍøÌṩÍøÕ¾´ú½¨£¨°üÀ¨£º²ß»®¡¢ÐÎÏóÉè¼Æ¡¢ÍøÒ³ÖÆ×÷£©¡¢Óò
Ãû×¢²á¡¢Ö÷»ú×âÁÞ¡¢ÍøÕ¾ÍƹãµÈһϵÁÐÈ«Ì×·þÎñ£¬¸ù¾Ý¹óԺУµÄʵ¼ÊÐèҪѡÔñÀàÐÍ£º
  A£º4000Ôª£¨±ê×¼ÐÍ£© B£º6000Ôª£¨ÉÌÎñÐÍ£© C:12000Ôª£¨ºÀ»ªÐÍ£©
  
  Êý¾Ý¿â¶©ÖÆ/¿ª·¢¼Û¸ñÁíÒé¡£  
  
  ¹ØÓÚ·¢²¼2003Äê¶ÈÈ«¹ú¸÷µØ¸ßУÕÐÉú¼Æ»®µÄ֪ͨ  
  
   ¸ù¾Ý¹ú¼Ò½ÌÓý²¿Í¨Öª£¬2003ÄêÈ«¹ú¸ß¿¼ÈÕÌá
Ç°Ò»¸öÔ¡£¼øÓÚ´Ë£¬¸÷ԺУÕÐÉú¹¤×÷Òª×öÏàÓ¦µ÷Õû¡£Öйú½ÌÓýÍøΪÁËÄܸüºÃµØÅäºÏ¹ó
£¨Ôº£©Ð£×öºÃÌáÇ°Ðû´«ÕÐÉú¹¤×÷£¬Èùã´óѧÉú¡¢¼Ò³¤¼°ÔçÁ˽â¹ó£¨Ôº£©Ð£µÄʦ×ÊÇé¿ö£¬Í¬Ê±Ò²ÎªÈøü¶à
µÄѧÉúͨ¹ý¡¶Öйú½ÌÓýÍø--ÖйúÕÐÉúÐÅÏ¢¡·×¨À¸Á˽â¹ó£¨Ôº£©Ð£2003Äê¶ÈµÄÕÐÉú¼Æ»®¼°Ïà¹ØÇé¿ö£¬ÌØÉè
Á¢¸Ã·þÎñרÀ¸¡£ 
  2003Äê¶ÈÈ«¹ú¸÷µØ¸ßУÕÐÉú¼Æ»®ÊÇÒÔ¿çÄê¶ÈµÄÐÎʽ·¢²¼£¬ÖØÔÚÐû´«Õ¹Ê¾
¹óУµÄÆ·ÅÆÐÎÏóºÍʦ×ÊÁ¦Á¿¡¢×¨ÒµÌØÉ«¡¢ÈíÓ²¼þÉèÊ©µÈÇé¿ö£»Í¬Ê±ÔÚ¡¶Öйú½ÌÓýÍø--¸ßУÍƼö¡·×¨À¸ÖÐ
ÌرðÍƼö¡£ 
  Öйú½ÌÓýÍø£¨www.ChinaEduNet.com£©£¬Ïã¸ÛÌØÇøÕþ¸®×¢
²áºÅ¡¾18159887-030-01-02-5¡¿£¬ÏµÓÉÖйú½ÌÓý¼ÒЭ»áÖ÷°ì£¬²¢»ñÊÀ½ç»ªÈ˽»Á÷Э»á£¨Ïã¸Û£©È«ÇòÍÆ
¼ö£¬ÔÚÐÅÏ¢´«Ëͺͷ¢²¼·½Ê½µÈ·½ÃæÓÐ×ÅÁ¼ºÃµÄÉç»áÉùÓþ£¬·¢²¼µÄÐÅÏ¢¾ßÓÐȨÍþÐÔ¡¢È«ÃæÐÔ¡¢¸ßЧÐԺͼ°
ʱÐÔµÄÌص㡣³ÏÑû¹ó£¨Ôº£©Ð£¼ÓÃË£¬¹²Í¬´Ù½øÖйú½ÌÓýÊÂÒµµÄ·¢Õ¹£¡  

±¾´Î»î¶¯µÄÖ÷ÌåÄÚÈÝΪ£º 
  Ò»¡¢Ðû´«ÍƼö²¿·Ö¸ßУµÄÆ·ÅÆÐÎÏó¼°2003Äê¶ÈµÄÕÐÉú¼Æ»®£¬ÖÜÆÚΪһÄ꣬¼´£º2002Äê9
ÔÂ-2003Äê9Ô£» 
  ¶þ¡¢²Î¼Ó´Ë´ÎÐû´«ÕÐÉúµÄԺУ£¬ÔÚ¡¶Öйú½ÌÓýÍø--¸ßУÍƼö¡·×¨À¸×öÖصãÍƼö£¨Ã¿Ê¡ÊÐ
·ÖÀàÍƼöÊ®ËùÔº¡¢Ð££¬°´±¨ÃûÏȺóÅÅÁУ©£» 
  Èý¡¢¿¯µÇÐÅÏ¢Ãâ·ÑÐÞ¸Ä/¸üÐÂ5´Î£¬ÒÔ±ãÔÚÕÐÉú¼Æ»®Óëʵ¼ÊÇé¿ö²»·ûʱ×ö¼°Ê±¸ü¸Ä£» 
  ËÄ¡¢´Ë´Î»î¶¯£¬ÊÕ·ÑΪÈý¸öÔ£¨ÕÐÉú»Æ½ðÔ£º6¡¢7¡¢8£©£¬È«Äê·¢²¼¡£ Êշѱê×¼£º6800
Ôª¡£  
Ïã¸ÛµØÖ·£º  
  Ïã¸ÛÓ¢»ÊµÀ14ºÅÇÈÐË´óÏÃ16/FÂ¥F×ù  
  ͶËßÐÅÏ䣺Ïã¸ÛÐË·¢½ÖÓÊÕþ¾Ö38196ÐÅÏä ÊÕ  
  µç »°£º852-2915.6312 ´« Õ棺852-2915.6313  
  E-mail:[EMAIL PROTECTED]   
 ±±¾©µØÖ·£º  
  ±±¾©ÊÐÑÇÔË´å´óÍÍ·¿ÚÌì´´ÊÀÔµ´óÏÃD1×ù9²ã910  
  ÁªÏµÈË£ºÂÞÏÈÉú °²Ð¡½ã  
  ÐÅ Ï䣺±±¾©ÊÐ100101-76ÐÅÏä Öйú½ÌÓýÍø ÊÕ  
  µç »°£º010-6480.3078 ´« Õ棺010-6480.3077  
  E-mail: [EMAIL PROTECTED] 
 
  »ã¿î·½Ê½£º 
  Óʾֻã¿î£º±±¾©ÊÐ100101-76ÐÅÏä ²ÆÎñ¿Æ ÊÕ ÓÊÕþ±àÂ룺100101  
  ÒøÐлã¿î£º¿ª»§ÐУºÖйú½¨ÉèÒøÐб±¾©Êа²»ªÖ§ÐÐ ÕÊ ºÅ£º2610047204 
  ¿ª»§Ãû£º±±¾©ÊÀ»ªÌìµØÍøÂç¼¼Êõ·þÎñÓÐÏÞ¹«Ë¾ 
 
   
 
   
 
   

 
   
 
¡¡  
 
 
powered by batchmailer  http://www.maillistchina.comÂòȺ·¢Èí¼þ,ËÍÓʼþÁбí

Wake Up The Mental Genius Within You Instantly...... inv

2002-11-04 Thread Robert Mendel 

You can wake up the mental genius within you instantly!

Mantic VII

Gives You Instant Mental Psychic Powers

Solves the problems of Love-Money-Career with this psychic power.
These are not idle words—they are "fact" as I am about to prove to you.


Click Here for Full FREE Details!

Get Removed From Further Mailings



































ouvcqhbyxjbvoymmevxb

Re: Sending bricks through the mail

2002-11-04 Thread Sam Ritchie 
I sent the link to Peter direct yesterday, but if anyone else is
interested--
http://www.improb.com/airchives/paperair/volume6/v6i4/postal-6-4.html
~SAM

 From: Major Variola (ret) [EMAIL PROTECTED]
 Date: Mon, 04 Nov 2002 08:26:17 -0800
 To: [EMAIL PROTECTED] [EMAIL PROTECTED]
 Subject: RE: Sending bricks through the mail
 
 At 11:17 PM 11/3/02 +0100, Thoenen, Peter  Mr.  EPS wrote:
 Tried emailing direct but bounced so apologize to the list for the OT
 content :)
 
 You don't happen to have the url do you?  Think it would make an
 amusing
 read.
 
 Sorry, no.  BTW, my nym is for humor value, and spam-avoidance, not
 replies.

Cointel is back: meet any new arabic-speaking guys in shiny shoes?

2002-11-04 Thread Nomen Nescio 
[EMAIL PROTECTED] (Major Variola ret) writes:

 http://www.washtimes.com/national/20021104-81830128.htm
 Officials attempt to get inside cells of al Qaeda in U.S.

 By Richard Sale
 UNITED PRESS INTERNATIONAL

 Local and federal law-enforcement agencies are attempting to
 infiltrate al Qaeda sleeper cells operating in the United States
 and are using disinformation campaigns to expose and neutralize the
 terror groups that continue to communicate with one another, U.S.
 intelligence officials say. FBI officials say recent electronic
 intercepts of communications between some al Qaeda groups show that
 they are talking to each other. The cells are up and active, an
 FBI official said of the groups believed to be embedded in most U.S.
 cities with sizable Islamic communities, such as New York, Detroit
 and Los Angeles. In a review of ongoing U.S. operations, United Press
 International was briefed on the al Qaeda investigations by several
 current and former intelligence officers, all of whom asked not to
 be identified by name. Former CIA and Defense Intelligence Agency
 officials say the terrorists choose run-down neighborhoods because
 in a place like that, you are invisible. People don't care about
 you; they don't want to look at you and don't look at you, as one
 put it. A former senior U.S. intelligence official explained: The
 members of cells don't think of themselves as raiding parties but as
 the front end of an invasion. If they can attack, blow things up and
 disrupt society, they believe there will be mass defections to Islam
 and society will collapse. They can then set up an Islamic state.
 The cells, these sources said, are made up of U.S.-born Muslims and
 immigrants from Pakistan, Saudi Arabia and the Persian Gulf states,
 and number in the thousands. Most are thought to have entered the
 country some time ago and are deeply entrenched in their communities.
 To root them out, the FBI has been busy developing a network of
 informers in Muslim neighborhoods, including nightclub owners,
 waiters and merchants, a federal law-enforcement official said.
 Intelligence is the chief tool in the war on terror, a senior former
 Pentagon intelligence official said. Intelligence is really just
 a giant research operation where you rely on huge archival files,
 he said. It's the most effective weapon you've got. The next and
 best weapon in the war against the cells is infiltration. A longtime
 covert operations specialist said law enforcement is using agents who
 are Arabs and fluent in Arabic, who then look for ways to get inside
 the community where the cell members worship. Their next goal is to
 find out about the social structure: Where do they worship, where do
 they entertain, what do they talk about? he said. If it is known
 where they socialize and there is probable cause, local police might
 be able to place eavesdropping devices on the premises, he said. The
 goal is to identify and eliminate leaders, a former CIA official said.
 As the FBI and other law-enforcement agencies gain knowledge, any
 rivalries among group members can be exploited, using disinformation
 to convince some cell members that others are informers or traitors.
 One FBI official explained that the purpose is to disrupt hostile
 organizations, and that FBI tactics go back to 1956, when the FBI
 established its Cointelpro (counterintelligence program.) This
 official said the program pitted one group or even members of a single
 group against another like gladiators in ancient Rome. The program
 has been used successfully against such groups as the Black Panthers
 and the Ku Klux Klan, he said

Re: What email encryption is actually in use?

2002-11-04 Thread David W. Hodgins 
-BEGIN PGP SIGNED MESSAGE-

If you signed your messages on a regular basis, it would let me know 
whether or not you're the same Tim May, I've been reading since back
when toad.com was the only server for the list.

If you're key was signed by anyone I've dealt with, who I know will 
actually check your id, it would increase my confidence that you
really are Tim May, and not just a net persona.

It doen't make one iota of difference, whether you choose to 
distribute your key or not.  Your ideas are usually thought
provoking,
and consistent enough to form a persona in the minds of the list
readers. Or at least, in mine.

I know you know (whether or not you agree) with the above.  It just
struck me as humourous that you'd sign the post, with the comment 
to the effect that there isn't much point in doing so, with a key
that isn't on the servers.

Do you see the PGP web of trust as completly useless?

As to who I am, well...

I'm a programmer, living in London, Ont. Canada.

I've been lurking, off and on, since 94 or so.  I don't think I've
actually posted anything to the list since back in 96, when I 
wrote a freeware program to simplify using PGP with dos based
offline mail readers (MPI.ZIP).

While I normally promote privacy issues, only with those I meet
face to face, I still consider myself a cypherpunk.  I normally
only post to the list, when my point of view isn't being 
expressed by any of the regular posters.

Regards, Dave Hodgins.

Tim May wrote:
 
 On Sunday, November 3, 2002, at 06:14  PM, David W. Hodgins wrote:
 
 
  -BEGIN PGP SIGNED MESSAGE-
 
  The advantages really disappear, when the key used to sign the
  message
  isn't sent to the key servers {:.
 
 
 Those who need to know, know.
 
 You, I've never seen before. Even if you found my key at the
 Liberal Institution of Technology, what would it mean?
 
 Parts of the PGP model are ideologically brain-dead. I attribute
 this to left-wing peacenik politics of some of the early folks.
 
- --Tim May

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com

iQEVAwUBPcXu94s+asmeZwNpAQFQuAf+LbwrdQV8CPAc/lw2AF5HPvKLGopHCj3i
tFR+drfFAYDDA6UHMPJOFxzDdhFYrRbhQ3c3cSkExSSoI7Mce389KPdGimWQZTJZ
rCYyvnXtG+S//ya8yCELXC3SSwwra0+laPpoSz6lseIU6YJUYFyMLnnXaH5gpxHi
O7TtK8kfPFQVVdbBuJC4mp9SjNO3DqIM29UbPSrf9KZ1w2zPXA4eov9GL9jjU808
CzT+wncCYaE1EU8cT3C+TFJyd8r8B1S6CLbjX9hC71kIt5bVUt1EHMHUx8u2YaXZ
i4o2kKQGePbJvIIiOuwngIUOuwnbgLlGO7+zhsL4y2UuXeJ1/W5NVQ==
=8BJt
-END PGP SIGNATURE-

Re: What email encryption is actually in use?

2002-11-04 Thread David Howe 
at Monday, November 04, 2002 2:28 AM, Tim May [EMAIL PROTECTED] was seen
to say:
 Those who need to know, know.
Which of course is a viable model, provided you are only using your key
for private email to those who need to know
if you are using it for signatures posted to a mailing list though, it
just looks silly.

 You, I've never seen before. Even if you found my key at the Liberal
 Institution of Technology, what would it mean?
it would at least give us a chance to check the integrity of your post
(what a sig is for after all) and anyone faking your key on the servers
would have to prevent you ever seeing one of your own posts (so that you
can't check the signature yourself)

 Parts of the PGP model are ideologically brain-dead. I attribute this
 to left-wing peacenik politics of some of the early folks.
The Web-of-Trust model is mildly broken - all you can really say about
it is that it is better than the alternatives (X509 is not only badly
broken, but badly broken for the purpose of hierachical control and/or
profit)
In the current case, one reason to sign important posts is to establish
a pattern of ownership for posts, independent of real-world identity. If
I know that posts a,b  c sent from nym x are all signed, I will be
reasonably confident that key y is owned by the normal poster of nym x.
that I don't know who that is in meatspace is pretty irrelevant.
Where both systems break down is when trying to assert that key y is
tied to anything but an email address (or possibly a static IP). There
is little to bind a key to anything or anyone in the real world, unless
you meet in person, know each other reasonably well (if only via third
parties that can identify you both) and exchange fingerprints. in fact,
WoT is simply an attempt to automate this process offline, so that you
can be introduced to someone by a third party without all three of you
having to meet; you still have to make a value judgement based on how
sure you are about the third party's reliability and how confident they
seem about the identity of x - however in the real world, both of those
are vague, hard-to-define values and in the WoT they are rigid (you have
a choice of two levels of trust for an introducer, and no way to encode
how much third parties should rely on your identification)

Re: What email encryption is actually in use?

2002-11-04 Thread Shawn K. Quinn 
On Saturday November 2 2002 11:09, Adam Shostack wrote:
 I'd be interested to hear how often email content is protected by any
 form of crypto, including IPsec, Starttls, ssh delivery, or PGP or
 SMIME.  There's probably an interesting paper in going out and
 looking at this.

I use GnuPG to the people I know that have it. Admittedly that number is 
rather low but I am working on raising it. My e-mail client will do SSL 
and TLS so most if not all of my messages are protected at least to and 
from the ISP's servers.

I would like to use GnuPG (my OpenPGP application of choice) more often. 
Unfortunately the number of people that have it is too low to make this 
practical and providers like AOL making it very difficult to use 
encryption with their proprietary e-mail clients pushes the number even 
lower than it should be.

Part of the problem is too many people not realizing that one sending 
e-mail in the clear means that one trusts their ISP's admins, the 
receiving ISP's admins, and anyone with root (or possibly even just 
physical access) on a network between them. All it takes is one 
untrustworthy person snooping on the wire and there goes your privacy. 
Granted, yes, it's a violation of laws like the ECPA (in the US) to do 
so, but when there are potentially dozens of people who could have 
divulged a message, how does one know who to prosecute?

-- 
Shawn K. Quinn

RE: Intel's LaGrab

2002-11-04 Thread Lucky Green 
Tim wrote:
 Microsoft calls its technology Palladium. Intel dubs it 
 LaGrande. 
 
 I say we call it LaGrab.

Has anybody on the list seen any official specs, datasheets, etc. for
Intel's LaGrande feature set? Any documents that could be donated to
Cryptome's collection? So far, all I have been able to locate are vague
press releases, marketing blather, and wild-eyed promises of
hack-proofing computers.

TIA,
--Lucky

RE: What email encryption is actually in use?

2002-11-04 Thread Trei, Peter 
 Tim May[SMTP:[EMAIL PROTECTED]]
 
 
 On Saturday, November 2, 2002, at 08:01  PM, Tyler Durden wrote:
 
  Prior to that, the encrypted email I've sent in the past year or so 
  has almost always failed, because of version incompatibilities,
 
  While in Telecom I was auditing optical transport gear, and we adopted 
  the practice of encrypting all of our audit reports to vendors. Of 
  course, the chance of there being an eavesdropper (uh...other than 
  NSA, that is) was a plank energy above zero, but it gave the vendors 
  the imporession we really cared a lot about their intellectual 
  property (if we determined a problem with their equipment, and if that 
  info ever leaked, it could have a major impact on them).
 
 When I was at Intel we sent our designs for microprocessors to European 
 branches and/or partners. One set of designs sent to MATRA/Harris, a 
 partner in the 80C86, was stolen in transit. (The box of tapes arrived 
 in Paris, but the tapes had been replaced by the suitable weight of 
 bricks.)
 
I suspect that there is a fair amount of encrypted mail flowing over the
net which is not obvious to ISPs. It's internal mail of large corporations.

Many corps maintain VPNs between their offices, with encryption
handled at the firewall. A great deal of highly sensitive internal
email flows over these links, with the encryption totally transparent
to the end-users. 

Of course, this is just internal stuff. The external mail is as open
as everyone's been saying.

Peter Trei

RE: Katy, bar the door

2002-11-04 Thread Trei, Peter 
 Major Variola (ret)[SMTP:[EMAIL PROTECTED]]
 
 When that trucker kamakazi'd into the state capital in Sacramento last
 year, they decided to put Jersey barriers
 up.  Hard to do that in the air (Blimps with nets?)
 
The name for these is 'barrage balloons'. They were
widely deployed during WW2 against dive bombers
and ground-attack fighters.

I suspect they are less useful today for this purpose,
due to the increased distances of attack, but they
might make life harder for cruise missiles and other 
UAVs.

Plan to see them over Baghdad.

Peter Trei

RE: Intel's LaGrab

2002-11-04 Thread Mike Rosing 
On Sun, 3 Nov 2002, Lucky Green wrote:

 Tim wrote:
  Microsoft calls its technology Palladium. Intel dubs it
  LaGrande. 
 
  I say we call it LaGrab.

 Has anybody on the list seen any official specs, datasheets, etc. for
 Intel's LaGrande feature set? Any documents that could be donated to
 Cryptome's collection? So far, all I have been able to locate are vague
 press releases, marketing blather, and wild-eyed promises of
 hack-proofing computers.

I didn't think any of it was near finalized yet.  Even the comments here
from people working close to it indicate it isn't finished.

I suggest LaGrande Screw.  Once in place, it will be pretty easy for
Microsoft to screw everyone who owns a Paladium machine!

Patience, persistence, truth,
Dr. mike

Re: What email encryption is actually in use?

2002-11-04 Thread David Howe 
at Monday, November 04, 2002 3:13 PM, Tyler Durden
 This is an interesting issue...how much information can be gleaned
 from encrypted payloads?

Usually, the VPN is an encrypted tunnel from a specified IP (individual
pc or lan) to another specified IP (the outer marker of the lan, usually
the firewall/vpn combo box but of course that function can be split if
needs be)

sniffers can usually catch at least some of the initial login - normally
a host name or user name is passed unencrypted as part of the setup -
but any actual mail traffic will be indistinguishable from any other
traffic; it is encapsulation of IP packets in an outer encrypted
wrapper.
similar statements can usually be made for Zeb, SSH and other similar
tunnels - each encapsulates a low level (almost raw in the case of
strict tunnels like zeb or ssh) packet passing tunnel in a crypto skin.

RE: Sending bricks through the mail

2002-11-04 Thread Major Variola (ret) 
At 11:17 PM 11/3/02 +0100, Thoenen, Peter  Mr.  EPS wrote:
Tried emailing direct but bounced so apologize to the list for the OT
content :)

You don't happen to have the url do you?  Think it would make an
amusing
read.

Sorry, no.  BTW, my nym is for humor value, and spam-avoidance, not
replies.

Blacknet hits the trade press

2002-11-04 Thread Major Variola (ret) 
EWeek 21 Oct 2002 p 58, High-tech products invite tech crimes P.
Coffee

Writing about a consultant who tried to sell a client's software, and
got busted:
Next time, a code theif may use a BlackNet brokerage (as envisioned
in the
widely circulated essay by Timothy May) to avoid such traps.

[He is commenting on whereas stolen chips are valuable to many, stolen
software
is valuable only to a few...]

RE: What email encryption is actually in use?

2002-11-04 Thread Major Variola (ret) 
At 10:13 AM 11/4/02 -0500, Tyler Durden wrote:
This is an interesting issue...how much information can be gleaned from

encrypted payloads?

Traffic analysis (who, how frequently, temporal patterns)
Size of payload

Is it possible for a switch or whatever that has
visibility up to layers 4/5/6 to determine (at least) what type of file
is
being sent?

Yes.

Modern network equiptment can examine all the way up to layer 7.
Can tell that you're sending an .mp3 and will cut your QoS, if that's
the policy.


 Can it determine at what layer encryption was performed?

Various packet classification hardware companies [1]
 make chips to find fields in headers.
(The classification chips pass this info to the NPU)
IPsec, SSL are trivial.  App-level crypto is
easy if the crypto has signatures, like -BEGIN PGP MESSAGE-.


Steganography + encryption, however, is pretty tough.  The S/N
ratio can become useless due to false alarms.  The Feds probably
have an enormous collection of intercepted arab baby pictures...

[1] Here's a blurb from http://solidum.com/products/index.cfm
Based on programmable state machine technology and a powerful,
openly-distributed
pattern description language, our scalable, forward-compatible, and
field-upgradable
 classification processors can be configured to closely inspect packets
for vital
 information up to and including Layer 7. The information collected can
then be used to
 make intelligent routing and switching decisions for service,
application, and QoS
 requirements. This improves the speed, power and efficiency of next
generation
 network processing architectures, facilitates the delivery of
content-based services
 and enables true QoS for differentiated services.

---
CALEA: What did you think layer 7 awareness meant?

RE: What email encryption is actually in use?

2002-11-04 Thread Tyler Durden 
Most the ones I've seen are IPSEC over IPv4. You might be able to glean
some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted.

SO this would indicate that IPSEC creates a sort of blockage from seeing up 
to Layers 4/5/6. Now when you say it takes the IP packet, is this just the 
datagram or is it also he procotol bytes? (I'm assuming the layer-2 
information remains intact.) If the protocol bytes are unencrypted, then 
there's a LOT that can probably be determined about any IP session. If the 
protocol bytes are encrypted, then this will ot be a very flexible session, 
no? (More of a secure pipe I guess.)

And then, does IPSEC include specification for MPLS? I would assume that the 
MPLS header information is not encrypted, simply because the headers have no 
global significance...






From: Trei, Peter [EMAIL PROTECTED]
To: [EMAIL PROTECTED], 'Tyler Durden' [EMAIL PROTECTED]
Subject: RE: What email encryption is actually in use?
Date: Mon, 4 Nov 2002 11:00:56 -0500



 --
 From: 	Tyler Durden[SMTP:[EMAIL PROTECTED]]
 Sent: 	Monday, November 04, 2002 10:13 AM
 To: 	[EMAIL PROTECTED]
 Subject: 	RE: What email encryption is actually in use?

 The ever-though-provoking Peter Trei wrote...

 A great deal of highly sensitive internal
 email flows over these links, with the encryption totally transparent
 to the end-users.

 This is an interesting issue...how much information can be gleaned from
 encrypted payloads? Is it possible for a switch or whatever that has
 visibility up to layers 4/5/6 to determine (at least) what type of file 
is

 being sent? Can it determine at what layer encryption was performed?
 (These
 may be obvious to many of you, but I can only claim expertise in layers
 0/1,
 and pieces of 2. Ok, I have a working knowledge of 3.) It may be 
possible
 for hardware that examines large numbers of communiques to pre-determine
 that much is of no interest.


Most the ones I've seen are IPSEC over IPv4. You might be able to glean
some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted.


_
Surf the Web without missing calls! Get MSN Broadband.  
http://resourcecenter.msn.com/access/plans/freeactivation.asp

RE: What email encryption is actually in use?

2002-11-04 Thread Trei, Peter 
 Tyler Durden[SMTP:[EMAIL PROTECTED]] writes:
 
 
 Most the ones I've seen are IPSEC over IPv4. You might be able to glean
 some info from packet size, timing, and ordering, but not much. IPSEC
 takes a plaintext IP packet and treats the whole thing as a data block
 to be encrypted.
 
 SO this would indicate that IPSEC creates a sort of blockage from seeing
 up 
 to Layers 4/5/6. Now when you say it takes the IP packet, is this just the
 
 datagram or is it also he procotol bytes? (I'm assuming the layer-2 
 information remains intact.) If the protocol bytes are unencrypted, then 
 there's a LOT that can probably be determined about any IP session. If the
 
 protocol bytes are encrypted, then this will ot be a very flexible
 session, 
 no? (More of a secure pipe I guess.)
 
 And then, does IPSEC include specification for MPLS? I would assume that
 the 
 MPLS header information is not encrypted, simply because the headers have
 no 
 global significance...
 
It's a pipe. The whole plaintext IP packet, from start to finish, including 
headers and checksum, gets treated as data, and encrypted.

The encrypted packet is the data for a new packet, which goes from one
firewall to another (and has only the firewall IP addresses exposed). The
packets visible on the outside only tell Eve that firewall A sent firewall
B an IPSEC packet of a certain size, with a particular Security Association.

(ie, the protocol field says 'this is an IPSEC packet').

A single SA can be used for many, many, internal connections.

Check the IPSEC RFCs for more info.

Peter Trei

RE: What email encryption is actually in use?

2002-11-04 Thread Trei, Peter 
 Tyler Durden[SMTP:[EMAIL PROTECTED]] wrote
 
 
 But from your previous email, you indicated that the secure IPSEC tunnel
 is 
 created by taking the packets, encrypting S/A, D/A, payload and protocol 
 fields (ie, pretty much everything) and then dumping them into the payload
 
 of another packet, and setting the Protocol field of the parent-packet to 
 IPSEC. All that is now visible are the firewall addresses.
 
 That's a lot, methinks! In other words, there's practically a bright red 
 flag sticking up saying I'm encrypted! Look over here!...it's child's
 play 
 (well, if you consider making an ASIC child's play!) to then look at the
 S/A 
 and D/a to see if they are interesting. If they belong to the IP spaces of
 
 two large companies, for instance, then look elsewhere (though I hear
 rumors 
 that the NSAs of the world are branching out into industrial eavesdropping
 
 for their parent companies, ehr, for their parent countries).
 
 If a secure VPN tunnel forms between al-Jazeera's firewall and, say, some 
 ISP near Atlantic Avenue in Brooklyn (heavy Arab community), then all
 sorts 
 of spyglasses could pop up.
 
The title of this thread is What email encryption is actually in use?. I
posted
that a lot intra-company email often goes over encrypted VPNs between
worksites, and that this should be considered in trying to figure out how
much
email is encrypted.

After some back and forth to educate you on how IPSEC tunneling works, you
now understand, but it turns out that that was not what you were interested
in.

VPNs no more raise a red flag than does any other form of encrypted 
communication without steganography.  If your threat model includes 
end-point identification, then use alt.anonymous.messages. If traffic
analysis is also a worry, use stego.

VPNs are probably responsible for more encrypted traffic than
anything else on the net, and meet corporate threat models
very well. If your threat model is different, you may need a different
solution.

Peter Trei

Re: What email encryption is actually in use?

2002-11-04 Thread telecon 
On Sun, Nov 03, 2002 at 11:23:36AM -0800, Tim May wrote:
 - -- treat text as text, to be sent via whichever mail program one uses, 
 or whichever chatroom software (not that encrypted chat rooms are 
 likely...but who knows?), or whichever news reader software

http://www.invisible.net is sort of an encrypted chatroom.
-- 
Windows, Icons, Mice and Pointers.  A jedi craves not these things.

CARDIS '02 - 5th Smart Card Research and Advanced Application Conference

2002-11-04 Thread Alex Walker 
Dear colleague -

I'd like to invite you to attend the 5th Smart Card Research and
Advanced Application Conference, November 21-22 in San Jose, CA.
http://www.usenix.org/events/cardis02/

CARDIS '02, the joint IFIP/USENIX International Conference on Smart
Card Research and Advanced Applications, will bring together
researchers and practitioners in the development and deployment of
smart card systems and technologies.

This two-day conference features:

Keynote speaker Vincent Cordonnier, LIFL; 14 refereed papers; panel
discussions; Work-In-Progress reports as well as ample opportunities
to informally interact with fellow attendees and speakers.

Unlike events devoted to commercial and application aspects of smart
cards, the CARDIS conferences bring together researchers who are
active in all aspects of the design, validation, and application of
smart cards.

The breadth of smart card research stimulates a synergy among
disparate research communities, making CARDIS an ideal opportunity to
explore and learn from the latest research advances.

We hope you will join us in San Jose.

On behalf of the program committee -

Peter Honeyman, CITI, University of Michigan
CARDIS '02 Program Chair


--
Alex Walker
Production Editor
USENIX Association
2560 Ninth Street, Suite 215
Berkeley, CA 94710
510/528-8649 x33

RE: Sending bricks through the mail

2002-11-04 Thread Lisa 
I think this is what you're looking for:

http://www.improb.com/airchives/paperair/volume6/v6i4/postal-6-4.html

At 11:17 PM 11/3/02 +0100, Thoenen, Peter  Mr.  EPS wrote:
Tried emailing direct but bounced so apologize to the list for the OT 
content :)

You don't happen to have the url do you?  Think it would make an
amusing
read.

traffic analysis of VPN/secure tunnels (Re: What email encryption is actually in use?)

2002-11-04 Thread Adam Back 
On Mon, Nov 04, 2002 at 12:58:55PM -0500, Trei, Peter wrote:
 Durden's question was whether a snooper on an IPSEC VPN can
 tell (for example) an encrypted email packet from an encrypted
 HTTP request. 
 
 The answer is no.
 
 All Eve can tell is the FW1 sent FW2 a packet of a certain size.
 The protocol of the encapsulated IP packet, it's true source 
 behind FW1, it's true destination behind FW2, and the true
 destination port are all hidden.

An external obseverer being able to tell the time of exchange or
percentage of traffic which is email vs http through a VPN probably
isn't a big deal to most people.

But if someone did care, it may be that you could have some
probabilistic indication of whether the traffic is email or http (or
other distinctions) based on the size of the packets, the timing that
kind of thing.  As there are different internal originating-points
(mail hub, vs desktop/desktop+proxy cache), probably aspects of the
hardware, TCP stack and application performance and behavior would
leave some still recognizable performance and IP packet size
signature.

A more direct traffic-analysis type of risk is interactive session
protocols like telnet, perhaps some chat programs where the characters
are sent as they are typed.  In this scenario it may be that an
attacker could reconstruct the plaintext by analysing typing
characteristics.  (There was a paper about this risk for interactive
sessions over SSH published a while back -- don't have the reference
handy, probably google could find it).

Another related type of risk is that SSL does not necessarily obsecure
the page requested as the request and/or response may have unique,
predictable and publicly measurable size uniquely identifying the
document requested.

Adam
--
http://www.cypherspace.org/adam/